CVE-2007-6652
Published 2008-01-04
Priority: P344 · high · 7.5 (CVSS 2.0)
CVSS 2.0 vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 4.15% (89.6th percentile)
cpie.php in XCMS 1.83 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to conduct direct static code injection attacks and execute arbitrary code via the testo_0 parameter in a cpie admin action to index.php, which writes to dati/generali/footer.dtb (aka the XCMS footer).
Affected
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| xcms | xcms | <= 1.83 | — |
CWE-698: Execution After Redirect (EAR)
Source: mitre_cwe · CVSS 10.0 · CRITICAL
The web application sends a redirect to another location, but instead of exiting, it executes additional code.
Modes of Introduction:
Phase: Implementation
Common Consequences:
Scope: Other, Confidentiality, Integrity, Availability. Impact: Alter Execution Logic, Execute Unauthorized Code or Commands. This weakness could affect the control flow of the application and allow execution of untrusted code.
Detection Methods:
Black Box: This issue might not be detected if testing is performed using a web browser, because the browser might obey the redirect and move the user to a different page before the application has produced outputs that indicate something is amiss.
Examples:
This code queries a server and displays its status when a request comes
CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')
Source: mitre_cwe
The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes code syntax before inserting the input into an executable resource, such as a library, configuration file, or template.
Modes of Introduction:
Phase: Implementation
Note: REALIZATION: This weakness is caused during implementation of an architectural security tactic.
Phase: Implementation
Note: This issue is frequently found in PHP applications that allow users to set configuration variables that are stored within executable PHP files. Technically, this could also be performed in some compiled code (e.g., by byte-patching an executable), although it is highly unlikely.
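The two weaknesses above combine as follows. This is an added PHP sketch, not XCMS source code: `is_admin()`, `FOOTER_FILE`, `login.php`, the session key and the assumption that the saved file is later `include()`d are all hypothetical; only the `testo_0` parameter name comes from the advisory. It shows the weak handler beside a hardened one.

```php
<?php
// Added illustration, NOT XCMS source. is_admin(), FOOTER_FILE, login.php and
// the session key are hypothetical; only testo_0 comes from the advisory.
declare(strict_types=1);
session_start();

const FOOTER_FILE = __DIR__ . '/data/footer.dtb'; // constructed path

function is_admin(): bool
{
    return ($_SESSION['role'] ?? '') === 'admin';
}

// Weak form: redirect without exit (CWE-698) feeding a raw write (CWE-96).
function save_footer_weak(array $post): void
{
    if (!is_admin()) {
        header('Location: login.php');
        // No exit here: PHP keeps executing, so the write below still runs
        // for a request that was only "redirected away".
    }
    // Stored verbatim; if the file is later include()d (assumption), any
    // PHP tags in the value are evaluated as code.
    file_put_contents(FOOTER_FILE, (string) ($post['testo_0'] ?? ''));
}

// Hardened form: terminate after the redirect and store data, not code.
function save_footer_hardened(array $post): void
{
    if (!is_admin()) {
        header('Location: login.php', true, 302);
        exit; // nothing after the redirect may run
    }
    $text = (string) ($post['testo_0'] ?? '');
    // Encode markup so PHP open tags cannot survive into the saved file.
    $safe = htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    file_put_contents(FOOTER_FILE, $safe, LOCK_EX);
}

// Reader side: file_get_contents() returns bytes and never executes them.
function render_footer(): string
{
    return is_file(FOOTER_FILE) ? (string) file_get_contents(FOOTER_FILE) : '';
}

if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    save_footer_hardened($_POST);
}
```

Either fix alone leaves a gap: `exit` without encoding still lets an authenticated admin store code, and encoding without `exit` still lets an unauthenticated request overwrite the footer.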
Common Consequen
http://osvdb.org/40277
http://secunia.com/advisories/28256
https://exchange.xforce.ibmcloud.com/vulnerabilities/39346
https://www.exploit-db.com/exploits/4813